wa_desert_rat Posted May 7, 2015 Report Share Posted May 7, 2015 Hot on the heels of a cross-platform exploit that may not actually be cross-platform (at least in the same way) we now get the undetectable and unremovable exploit for Mac. Actually, this came out in January but I missed it. Maybe RV saw it but I missed *that* too. So, as the story goes,the Thunderbolt port on the new Apple Macs can be infected with an exploit that goes straight to the boot prom. (The article - url below - says "boot rom" but it would have to be a prom in order for something to write into it, right?) And when, exactly, was the last time you checked your boot prom for malware? Exactly. So, suppose you do check your boot prom for malware and find this exploit. Well, apparently there's no way to detect it and probably the only way to remove it is to flash the prom. This is a proof-of-concept exploit; no one has found it in the wild. But, then, no one *would* find it in the wild because it's undetectable. Buahahaha(cough)hahaha.... Before you panic, the exploit has to be delivered either by fooling you into picking up an infected thunderbolt device and convincing you that you just have got to plug it into your Mac; or by someone evil dropping by and doing it when your back is turned. Note to self: Don't ever buy a Mac that has been set out as a demo at Best Buy. Here is one article and another one (because I always research this stuff a little before I post it) below it. http://www.networkworld.com/article/2871213/opensource-subnet/the-philosophical-implications-of-mac-malware.html and http://mashable.com/2015/01/02/thunderstrike-mac/ But the second article says Apple has already fixed part of the exploit. Rats. I was looking forward seeing Mac users walking around with armored briefcases handcuffed to their wrists. WDR Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.